From deaa30e121795a0b46856665b55e3b26269b766f Mon Sep 17 00:00:00 2001
From: Rensy Thomas <rensy.cinuthomas@progress.com>
Date: Mon, 23 Dec 2024 13:16:50 +0530
Subject: [PATCH] Added a note in the documentation

Signed-off-by: Rensy Thomas <rensy.cinuthomas@progress.com>
---
 components/docs-chef-io/content/automate/ha_cert_rotation.md | 1 +
 components/docs-chef-io/content/automate/ha_cert_selfsign.md | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/components/docs-chef-io/content/automate/ha_cert_rotation.md b/components/docs-chef-io/content/automate/ha_cert_rotation.md
index e20a6569927..241017de692 100644
--- a/components/docs-chef-io/content/automate/ha_cert_rotation.md
+++ b/components/docs-chef-io/content/automate/ha_cert_rotation.md
@@ -41,6 +41,7 @@ To understand how to generate certificates, refer to the [Certificate Generation
 - If you want to use certificates stored in another node of the HA cluster, you can provide the remote path to the certificates using the `<IP_ADDRESS_OF_NODE>:<ABSOLUTE_PATH_TO_THE_CERT_FILE>` format instead of the local path.
 - `--wait-timeout` This flag sets the operation timeout duration (in seconds) for each individual node during the certificate rotation process.
 - Certificate rotation should be done in down-time window as service will restart.
+- CN (Common Name) should be the same for all certificates in Opensearch nodes.
 {{< /note >}}
 
 ### Rotate Cluster Certificates
diff --git a/components/docs-chef-io/content/automate/ha_cert_selfsign.md b/components/docs-chef-io/content/automate/ha_cert_selfsign.md
index 8ac155e6640..73f009c1908 100644
--- a/components/docs-chef-io/content/automate/ha_cert_selfsign.md
+++ b/components/docs-chef-io/content/automate/ha_cert_selfsign.md
@@ -82,7 +82,8 @@ You can create a self-signed key and certificate pair with the **OpenSSL** utili
 
 {{< note >}}
 
-To create self-signed certificate for FQDN make sure to provide proper DNS and CN value. The DNS in Subject Alternative Name should match with the CN (Comman Name) 
+- To create self-signed certificate for FQDN make sure to provide proper DNS and CN value. The DNS in Subject Alternative Name should match with the CN (Common Name).
+- CN (Common Name) should be the same for all certificates in Opensearch nodes.
 
 {{< /note >}}